Company Profile
Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member's contributions and offers a supportive environment for career development. Come, stay, and grow with us.
Responsibilities
Job Description
- Sound knowledge of SAP GRC Access Control.
- Collaborate with senior leadership to develop formal processes for SOD Monitoring, SOD Remediation, and SAP Ruleset Maintenance.
- Support Governance, Risk and Compliance (GRC) projects in partnership with IT and business units.
- Understand core business processes such as P2P, O2C, R2R, and Production Cycle, and identify SoD access risks across these processes.
- Review the operation of various SAP modules, evaluate internal controls, identify irregularities, and recommend improvements.
- Assist Business Compliance Management in preparing reports that clearly present compliance review results and recommend corrective actions.
- Manage SOD-related SOX narratives and Risk Control Matrices (RCMs).
- Coordinate responses and documentation for internal and external audit queries.
- Assess new SAP systems/modules entering GRC scope, including T‑codes, roles, authorization objects, and security design.
- Validate adequacy of access controls and provide risk recommendations.
- Periodically review and update the SAP GRC SoD & Sensitive Access ruleset based on system and process changes.
- Conduct risk assessments for non‑SAP applications and identify integration points with SAP GRC.
- Attend Architecture Design Review (ADR) meetings and conduct financial and operational risk assessments for IT system changes that impact internal controls.
- Support alignment of non‑SAP risks within the broader SAP GRC framework.
- Experience in S/4 HANA implementation for SAP GRC.
Qualifications
- 5-8 years of experience in SAP security - GRC 12.0.
- Hands-on experience with SAP ECC or S/4.
- Experience in Segregation of Duties (SoD) analysis and ERP access controls testing.
- Strong expertise in SOX audit/compliance and implementation of effective controls.
- Bachelor's degree (UG) in Finance or IT security.